Sister CISA CISSP:

TCM (Truly Clueless Management)


March 31, 2010  11:53 PM

A Trojan as a “Value-Add” for a Battery Charger



Posted by: Arian Eigen Heald
Data Breaches, information security, Stupid Technology, TCM (Truly Clueless Management)

I'm really not sure why a USB battery charger would need software to be hooked up to a computer, or a coffee-maker, for that matter. As much as I like computers, using a computer to charge batteries appears a...

February 19, 2010  5:23 PM

Not the Kind of “Buzz” Google Wants – Check Your Gmail



Posted by: Arian Eigen Heald
information security, Privacy, privacy on the web, TCM (Truly Clueless Management)

About ten days ago, a splash page appeared when I went to log into my Gmail, indicating I could click the button labeled “Sweet! Check out Buzz” or “Nah, go to my inbox.” I just said "Nah" and went to my inbox, thinking no more about it. Sometime later, I noticed a little icon at the top of...


February 8, 2010  2:21 PM

More Adventures In Auditing



Posted by: Arian Eigen Heald
Adventures in Auditing, Eigen's Rules of Thumb, Start Laughing Now, Steps to an Easy Audit, TCM (Truly Clueless Management)

Not long ago (needless to say I can't mention time or client name) I was asked by a medium-sized business to investigate some problems they were having with spam, malware, and "weird stuff" on their network. Their network contained at least 200 users spread out over multiple sites. I asked to...


December 29, 2009  7:58 PM

Just in Time for the Holidays…..



Posted by: Arian Eigen Heald
Automatic Theft Machines, cloud computing, Cloud Security, information security, SQL Injection, Start Laughing Now, TCM (Truly Clueless Management)

There are a bunch of year end studies coming out, predicting various sorts of rises and decreases in criminal activity on the Internet. ("cybercriminal" sounds way too glamorous for me.) So I thought I'd offer up, in the spirit of the season, my two cents: Under the Category of Bad...


December 8, 2009  8:21 PM

“Social Media” and Business



Posted by: Arian Eigen Heald
etc, information security, information security policy, TCM (Truly Clueless Management), Twitter

My sister-in-law asked me yesterday about getting her company on Twitter and other social media sites like Facebook. She said that they would need to disable blocking functions in the office firewall to make it work. She also said that their IT department was very much against the idea, and she...


November 13, 2009  9:49 PM

You Can’t Outsource Reputation



Posted by: Arian Eigen Heald
Data Breaches, data security, information security, TCM (Truly Clueless Management)

Reviewing yet another data breach in the news, I was struck by the phraseology of the news report. Specifically, the article on MassMutual brought a point to mind that I keep using with companies and...


October 30, 2009  12:53 AM

When a “Fix” is Not a Fix – The Fix is In



Posted by: Arian Eigen Heald
Data Breaches, Hardware & InfoSec, information security, Stupid Technology, TCM (Truly Clueless Management), Tearing My Hair Out, Wireless

In my previous post, I discussed the Time Warner/SMC modem enormous security flaw. Lo and behold, I am visited and left a comment by "Adam Wood" defending SMC,...


August 17, 2009  7:20 PM

Blaming the Auditor for Bad Security



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, Data Breaches, IT Compliance - Policies, TCM (Truly Clueless Management)

Heartland Security has attempted to point the "Public Finger of Blame" at the hapless QSA auditor they used for PCI compliance, saying that the "QSA let us down." So who is in charge of security, Heartland or the auditor? Security is a corporate posture, not a pass/fail compliance test. You can...


August 10, 2009  12:54 PM

Which One is More Clueless? I Can’t Decide



Posted by: Arian Eigen Heald
Data Breaches, Start Laughing Now, TCM (Truly Clueless Management)

I ran across a story about a former employee who "broke into" his employer's computers, according to a news story from a TV station, entitled Cops: Former Worker Hacked Casino Computers. Now, here's the...


May 12, 2009  9:46 AM

Security Maxims to Live By



Posted by: Arian Eigen Heald
Admins and Auditors, Eigen's Rules of Thumb, Start Laughing Now, TCM (Truly Clueless Management)

I happened across the Vulnerability Assessment Team website of the Argonne National Laboratory. The Security Manager there has a great sense of humor, and has devised some security maxims much like my

